Next named exclusive Trail Blazer in NEW 2024 Radicati DLP Market Quadrant Report Read the Report
Updated: Apr 20, 2023   |   Fergal Glynn
Data Protection

DLP violations: What they are and how to address them

Go back

DLP violations: What they are and how to address them

Data-driven companies need to do everything they can to protect their valuable data resources. Data loss prevention (DLP) solutions are widely used by companies to secure sensitive and high-value information. DLP software is an essential part of an overall security strategy designed to minimize data breaches, unauthorized access, and misuse of high-risk data or intellectual property.

The foundation of a company’s DLP solution is its data handling policy. The purpose of a data handling policy is to define the ways that information of varying degrees of value and sensitivity is accessed and used throughout an organization. 

What is a data handling policy? 

An organization’s data handling policy categorizes its information resources and specifies how data should be treated after it is classified. Most data handling policies segregate data into at least three categories:

  • High-risk or sensitive data must be protected to prevent misuse or disclosure that could cause damage to the organization. This type of data includes information subject to regulatory compliance, valuable intellectual property, and trade secrets.

  • Medium-risk data can cause some damage if misused or disclosed, but not to the same degree as high-risk information. Internal procedure guides are an example of medium-risk data.

  • Low-risk data poses no threat to the organization if it is inadvertently disclosed or misused. This type of information can be freely disclosed to the public without damaging the company.

Companies can use generic data handling policy templates as a starting point when creating their policies. The unique characteristics of each company’s data resources will influence the creation of the policy and, in some cases, will define more than three classes of information.

In any case, the policy specifies how employees and processes can access and use a given data element. For instance, the policy may specify that all data falling into the high-risk category needs to be encrypted at all times to protect it from unauthorized access. 

The policy may state that medium-risk data can be shared in unencrypted form within the organization but must be encrypted before being transmitted over a public network. Low-risk data, on the other hand, can be used freely by everyone, does not require encryption, and can be shared with competitors or the public. 

What is a DLP violation?

A data loss prevention violation occurs when a user or process attempts to use information in a way that is forbidden by the data handling policy. A DLP software solution discovers the violation by monitoring how data is handled as it moves throughout the organization. Let’s look at a few examples to help clarify what exactly constitutes a DLP violation.

  • A user in the marketing department has just created a spreadsheet that contains prospective sales figures for all of the company’s accounts. This is considered medium-risk information per the organization’s data handling policy and must be encrypted before being transmitted to a remotely located coworker. The user attempts to send the unencrypted spreadsheet using email. This is a violation of the policy and should be flagged by the company’s DLP solution.
  • An accountant in a healthcare company wants to print a patient listing on their home printer to perform future analysis and research. The listing includes protected health information (PHI) about the patients, which makes the list a high-risk data element. Printing this information is restricted to company-owned printers located in a secure facility. Attempting to print it in a home office violates the DLP policy, and the activity should be blocked.
  • A user attempts to save a file containing sensitive customer data in publicly accessible cloud storage without encrypting the information. This violates the data handling policy and should be stopped by a reliable DLP solution. The user can still save the file but must first encrypt it to abide by the policy’s parameters.  

How to address DLP violations effectively

Enforcing a company’s data handling policy is one of the main functions of a DLP software tool. An automated data loss prevention solution should be capable of effectively addressing DLP violations by taking the necessary actions to enforce the company’s data handling policy. The tool should automatically prevent potential policy violations from being performed by users or other automated processes.

Solutions like Next DLP’s Reveal platform reliably enforce a data handling policy to ensure a company’s data is afforded the protection it deserves. In the examples of violations we looked at previously, Reveal would have taken the following actions:

  • Automatically encrypting the marketing spreadsheet before allowing it to be emailed

  • Preventing the accountant from printing the file on their home printer

  • Encrypting the file containing sensitive data before allowing it to be saved to public cloud storage

In addition to taking the necessary actions to protect enterprise data resources, Next DLP provides incident-based user training that explains to the user why a specific activity cannot be performed. This helps everyone in the organization to understand how information can be used. A knowledgeable workforce is better equipped to keep high-risk and sensitive data secure.

Keep your valuable information safe — contact us or book a demo with the experts at Next DLP to learn how easy it is to implement our robust and reliable DLP solution.
 
Demo

See how Next protects your employees and prevents data loss

Book a demo Contact us